function sanitizeString($var) { $var = stripsplashes($var); $var = strip_tags($var); $var = htmlentities($var); return $var; }
function showProfile($user) { if (file_exists("{$user}.jpg")) { echo "<img src = '{$user}.jpg'> align='left' />"; } $result = queryMysql("SELECT * FROM profiles WHERE user = '******'"); if (mysql_num_rows($result)) { $row = mysql_fetch_row($result); echo stripsplashes($row[1]) . "<br clear=left /><br />"; } }